[Muscle] Aladdin eToken Java 72K / Athena OS755

Karsten Ohme widerstand at t-online.de
Thu Mar 27 13:48:10 PDT 2008 

countzero at sapo.pt schrieb:
> Hello everyone. I've just recently aquired an Aladdin eToken Java 72K.
> 
> Accordingly to the "Aladdin PKI Client", the token operating system is "OS755"
> (which I assume is Athena OS755) and the hardware version is 4.29.
> 
> I've been trying to determine if its possible to load custom Java applets on it
> (e.g MCardApplet); the Aladdin and Athena websites are not very clear regarding
> this matter. I've tried using google and searching the archives, but couldn't
> find many information regarding this OS and/or hardware.
> 
> I've also tried using GPShell to list the contents of the card, but I can't even
> find the correct keys to establish a secure channel with it:
> 
> mode_211
> enable_trace
> establish_context
> card_connect
> * reader name Aladdin Token JC 0
> select -AID A0000001510000 // I've found the correct AID searching the SUN Java
> Card Forums
> Command --> 00A4040007A0000001510000
> Wrapped command --> 00A4040007A0000001510000
> Response <-- 6F0F8407A0000001510000A5049F6501FF9000
> open_sc -security 1 -keyind 0 -keyver 0 -mac_key
> 404142434445464748494a4b4c4d4e4f -enc_key 404142434445464748494a4b4c4d4e4f
> Command --> 80CA006600
> Wrapped command --> 80CA006600
> Response <--
> 663F733D06072A864886FC6B01600C060A2A864886FC6B02020101630906072A864886FC6B03


640B06092A864886FC6B040105

-> Secure Channel Protocol 01
-> Secure Channel Protocol Impl 05

660C060A2B060104012A026E01029000
> Command --> 805000000829D23B1DB292DDA600
> Wrapped command --> 805000000829D23B1DB292DDA600
> Response <-- 00000752001209522642


0101

-> Key set Version 01
-> Secure Channel Protocol 01

So, far so good. But I'm not really sure if you card is a Global 
Paltform 2.1.1 card. Maybe it is a Open platform 2.0.1' card. (The 
previous spc version). Try this out. Use mode_201 instead of mode_211. 
But be careful, some tries, maybe 10, but sometimes less and you card is 
locked. So skipped after the second try it for this card until  you have 
an real answer. If this does not help, maybe you are not talking to the 
Card Issuer Security Domain but to a Security Domain with different keys 
or you use the wrong keys.

I know these two keys:

/** The default key value for new cards defined in a VISA specification. */
static const BYTE OPGP_VISA_DEFAULT_KEY[16] = {0x40, 0x41, 0x42, 0x43, 
0x44, 0x45, 0x46, 0x47, 0x48, 0x49, 0x4A, 0x4B, 0x4C, 0x4D, 0x4E, 0x4F};

/** The default mother key value for new GemXpresso cards. */
static const BYTE OPGP_GEMXPRESSO_DEFAULT_KEY[16] = {0x47, 0x45, 0x4d, 
0x58, 0x50, 0x52, 0x45, 0x53, 0x53, 0x4f, 0x53, 0x41, 0x4d, 0x50, 0x4c, 
0x45};

Don't believe that it is a gemXpresse, but you can try.

Regards,
Karsten

C2DCB8F2268621674359E81DEAB29B429000
> mutual_authentication() returns 0x80302000 (The verification of the card
> cryptogram failed.)
> 
> Has anyone had any success with MCardApplet and this token?
> Can someone give me some pointers to documentation (e.g. correct AID, keys,
> etc.), SDK, people to contact?
> 
> Best regards,
> Joao
> _______________________________________________
> Muscle mailing list
> Muscle at lists.musclecard.com
> http://lists.drizzle.com/mailman/listinfo/muscle
> 
>

More information about the Muscle mailing list